1

Bascially i need to set up a configuration like the following:

http://wiki.wireshark.org/CaptureSetup/Ethernet#Capture_using_a_machine-in-the-middle

I have a computer with windows XP and 2 nics. I dont have a clue on how to set it up though, most of the articles i see dont relate to what I want to do.

Is it possible to keep both nics with the same network segment?

And what do they mean:

"it may well prove harder to make a Windows installation 'quiet' in network traffic terms than Unix."?

Thanks Guys

Luis
  • 21
  • 7

1 Answers1

2

It's fairly trivial to select two network interfaces and create a network bridge in Windows XP. After you've done that you can capture traffic on the "bridge" virtual interface using Wireshark. Because it's a layer 2 bridge you'll both NICs will be in the same broadcast domain ("segment", as you say).

What they're saying about making Windows "quiet" relates to traffic that Windows itself generates. If you untick the boxes for "TCP/IP", "Client for Microsoft Networks" and "File and Print Sharing for Microsoft Networks" in the properties for the Network Bridge you create then Windows will remain about as "quiet" as it can be.

Bridging wireless to wired won't work like you think it will, however. The network bridge code in Windows XP isn't "smart enough" to be a general purpose wireless to wired bridge.

Evan Anderson
  • 141,071
  • 19
  • 191
  • 328